Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JiDimGUH_FyInl7eu74BmPUxXkw.roa
File:                     JiDimGUH_FyInl7eu74BmPUxXkw.roa (raw, json)
Hash identifier:          /Khwt3rtfMxsdNX0asHno+vAbvuArswarWkhbm19RHQ=
Subject key identifier:   26:20:E2:98:65:07:FC:5C:88:9E:5E:DE:BB:BE:01:98:F5:31:5E:4C
Certificate issuer:       /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial:       0183658A57A1464964389C6C3D7F0A0284C1
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JiDimGUH_FyInl7eu74BmPUxXkw.roa
Signing time:             Thu 22 Sep 2022 14:11:48 +0000
ROA not before:           Thu 22 Sep 2022 14:11:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207990
IP address blocks:        91.132.114.0/23 maxlen: 32
                          103.53.82.0/23 maxlen: 32
                          193.28.237.0/24 maxlen: 32
                          103.240.180.0/22 maxlen: 32
                          45.114.8.0/22 maxlen: 32
                          193.28.182.0/24 maxlen: 32
                          193.28.191.0/24 maxlen: 32
                          193.28.202.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:65:8a:57:a1:46:49:64:38:9c:6c:3d:7f:0a:02:84:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
        Validity
            Not Before: Sep 22 14:11:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2620e2986507fc5c889e5edebbbe0198f5315e4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a0:92:13:6d:e2:07:2d:97:87:72:f2:70:53:
                    a5:68:bd:15:8a:a6:0a:65:f6:cf:01:5b:50:0e:00:
                    3b:4e:da:26:fa:6b:f1:7e:50:de:0d:03:ac:4b:16:
                    51:09:18:14:92:72:ac:00:c5:10:d8:e5:fa:06:d2:
                    a0:bc:50:b1:0b:35:94:33:85:7e:e7:c5:1f:1f:28:
                    c8:be:16:c4:80:f1:56:24:64:00:1c:5c:b2:95:1c:
                    12:ec:a2:f5:82:2d:c6:7f:f2:cd:ef:d6:1b:30:6b:
                    09:80:d2:01:9d:1a:13:58:c6:6f:6e:29:45:5d:63:
                    27:9e:9b:fc:ee:5b:d2:f0:c5:1e:39:4d:f4:91:ff:
                    6e:92:56:1c:86:3d:00:40:4a:58:ae:8e:ae:ed:f4:
                    fe:25:8a:48:38:f5:7a:99:4c:d0:2e:fa:f4:e8:62:
                    2d:50:f6:0c:7d:ee:88:ae:29:b7:dd:01:3a:02:2e:
                    3c:46:9f:ce:6b:f8:26:b7:1b:29:57:43:26:0a:a7:
                    8f:44:f4:d9:60:66:01:02:c9:38:b8:64:ec:0d:1b:
                    e9:bb:5d:b6:fe:06:50:95:9b:d7:6b:e1:9f:bb:e4:
                    79:93:49:42:1c:c7:f9:95:a5:24:ea:aa:2d:a2:9f:
                    10:0c:2c:5d:dd:ba:73:a5:00:fe:b8:cf:ff:00:5a:
                    9a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:20:E2:98:65:07:FC:5C:88:9E:5E:DE:BB:BE:01:98:F5:31:5E:4C
            X509v3 Authority Key Identifier:
                keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/JiDimGUH_FyInl7eu74BmPUxXkw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.114.8.0/22
                  91.132.114.0/23
                  103.53.82.0/23
                  103.240.180.0/22
                  193.28.182.0/24
                  193.28.191.0/24
                  193.28.202.0/24
                  193.28.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:2e:03:52:90:a5:39:9f:95:b8:fd:20:00:db:03:f1:f4:0f:
         b4:4a:a9:d6:4f:63:2c:cb:9d:14:7b:e3:13:ef:09:39:28:e5:
         45:f0:cd:ec:da:bd:7c:d9:b2:39:61:cd:ec:bf:37:e9:db:4b:
         53:88:65:ea:a2:29:0f:21:1f:b3:72:7b:89:9b:26:79:3c:cb:
         46:a3:d5:76:6f:e5:e0:b2:df:3a:67:c4:30:3b:d7:3b:98:6c:
         f1:0c:3d:25:ae:84:4b:d9:4f:1c:45:5e:79:7c:36:05:41:e9:
         ef:89:2f:33:8c:7f:9c:17:76:27:80:b9:f8:00:b4:1e:d0:44:
         5a:8a:3e:0f:fa:1d:a5:60:41:e9:55:e6:97:67:a2:d7:a5:2f:
         3f:97:48:93:b8:91:0b:9f:fe:23:fd:9a:6e:86:55:90:ae:fb:
         01:a2:d8:c8:d9:64:23:e2:78:3a:0c:bf:ae:b9:0a:a3:67:e8:
         74:1b:2b:66:5b:d9:44:c0:0d:b7:a3:48:86:32:dd:39:01:a0:
         88:87:4c:e7:99:7c:31:8d:67:07:db:88:de:bc:ca:79:5a:4d:
         0a:e6:92:f3:61:a6:e7:da:db:b3:0f:0c:40:a1:c5:83:ec:b9:
         6e:d5:b6:e1:f9:d2:77:85:02:21:72:0b:de:fe:b8:68:c5:84:
         8e:18:d4:c8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYNlilehRklkOJxsPX8KAoTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjIwOTIyMTQxMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIwZTI5ODY1MDdmYzVjODg5ZTVlZGViYmJlMDE5OGY1MzE1ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6CSE23iBy2Xh3LycFOlaL0ViqYK
ZfbPAVtQDgA7Ttom+mvxflDeDQOsSxZRCRgUknKsAMUQ2OX6BtKgvFCxCzWUM4V+
58UfHyjIvhbEgPFWJGQAHFyylRwS7KL1gi3Gf/LN79YbMGsJgNIBnRoTWMZvbilF
XWMnnpv87lvS8MUeOU30kf9uklYchj0AQEpYro6u7fT+JYpIOPV6mUzQLvr06GIt
UPYMfe6Irim33QE6Ai48Rp/Oa/gmtxspV0MmCqePRPTZYGYBAsk4uGTsDRvpu122
/gZQlZvXa+Gfu+R5k0lCHMf5laUk6qotop8QDCxd3bpzpQD+uM//AFqawwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCYg4phlB/xciJ5e3ru+AZj1MV5MMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvSmlEaW1HVUhfRnlJbmw3ZXU3NEJtUFV4WGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLXIIAwQB
W4RyAwQBZzVSAwQCZ/C0AwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztMA0GCSqGSIb3
DQEBCwUAA4IBAQCgLgNSkKU5n5W4/SAA2wPx9A+0SqnWT2Msy50Ue+MT7wk5KOVF
8M3s2r182bI5Yc3svzfp20tTiGXqoikPIR+zcnuJmyZ5PMtGo9V2b+Xgst86Z8Qw
O9c7mGzxDD0lroRL2U8cRV55fDYFQenviS8zjH+cF3YngLn4ALQe0ERaij4P+h2l
YEHpVeaXZ6LXpS8/l0iTuJELn/4j/ZpuhlWQrvsBotjI2WQj4ng6DL+uuQqjZ+h0
GytmW9lEwA23o0iGMt05AaCIh0znmXwxjWcH24jevMp5Wk0K5pLzYabn2tuzDwxA
ocWD7Llu1bbh+dJ3hQIhcgve/rhoxYSOGNTI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:49 2024 by rpki-client on console-ams.rpki-client.org